srctree

Robin Linden parent 8d09677e 258c08fd
wasm: Handle bad sizes in custom sections

wasm/byte_code_parser.cpp added: 17, removed: 2, total 15

@@ -480,6 +480,9 @@ tl::expected<Module, ModuleParseError> ByteCodeParser::parse_module(std::istream

auto consumed_by_name = static_cast<int64_t>(is.tellg()) - before;

auto remaining_size = static_cast<int64_t>(*size) - consumed_by_name;

if (remaining_size < 0 || remaining_size > std::int64_t{kMaxSequenceSize}) {

return tl::unexpected{ModuleParseError::InvalidCustomSection};

}

std::vector<std::uint8_t> data;

data.resize(remaining_size);

wasm/byte_code_parser_test.cpp added: 17, removed: 2, total 15

@@ -108,6 +108,18 @@ void custom_section_tests() {

auto module = ByteCodeParser::parse_module(wasm_bytes);

expect_eq(module, tl::unexpected{wasm::ModuleParseError::InvalidCustomSection});

});

etest::test("custom section, bad size (negative after name)", [] {

auto wasm_bytes = std::stringstream{"\0asm\1\0\0\0\0\0\0\0\0"s};

expect_eq(ByteCodeParser::parse_module(std::move(wasm_bytes)),

tl::unexpected{wasm::ModuleParseError::InvalidCustomSection});

});

etest::test("custom section, bad size (too large after name)", [] {

auto wasm_bytes = std::stringstream{"\0asm\1\0\0\0\0\xe5\x85\x26\0\0\0\0"s};

expect_eq(ByteCodeParser::parse_module(std::move(wasm_bytes)),

tl::unexpected{wasm::ModuleParseError::InvalidCustomSection});

});

}

void export_section_tests() {